[Date Prev][Date Next] [Chronological] [Thread] [Top]

RE: Authentication

JNDI also offers a way to do this. The socket connection is hidden
beneath a "Context" object. You can change the properties of the Context
without closing the socket.

-----Original Message-----
From: Daniel Tiefnig [mailto:openldap@qmail.infonova.at]
Sent: Thursday, August 02, 2001 8:19 AM
To: openldap-software@OpenLDAP.org
Subject: Re: Authentication

"Devdas Bhagat" <devdas@worldgatein.net> wrote...
> Can I have an application open a connection to OpenLDAP-2.0.11
> and repeatedly bind to it as different users for the purpose of
> authentication? With just one connection opened and all required
> data being handled over the same channel.
> Essentially
> bind, retrieve data, repeat with different values.

that's possible, i'd say.. at least perLDAP (www.perldap.org) offers a
function to do this:

if ($conn->simpleAuth($dn, $PASS))
  print "authenticated!\n";
  print "failed!\n";

you may repeat this function several times with different dn/pass.
have a look at:

> Is this workable, or would storing user passwords encrypted in LDAP
> and having each application verify them individually be better?

your storing userpasswords in LDAP anyway, i think. which solution is
depends on the usecase, i'd say. opening multiple connections allows you
benefit from a multithreaded LDAP e.g.